Disclosure Requests. 4.1 The Processor shall not disclose Personal Data to any public authority, agency or third party (each a “Public Authority”), unless the Processor receives a civil or criminal subpoena, or other official and written request which i) is issued by a public authority with the authority and jurisdiction to demand the disclosure,, ii) is legally binding on the Processor and requires the Processor to disclose Personal Data in response thereto, and iii) not contradictory to Data Protection Law. 4.2 If the Processor is contacted by a Public authority with a Disclosure Request, the Processor shall i) promptly notify the Controller by submitting an incident notification for Personal Data Breach according to Section 7 with a copy of the Disclosure Request, unless legally prohibited from doing so. ii) review the Disclosure Request to determine whether it is valid and if the Processor has a legal requirement to disclose Personal Data; and iii) asserts it legal rights, including to resist or narrow the demand by taking available remedies with reasonable prospect of success. 4.3 In no event shall the Processor provide any Public Authority with i) direct or indirect access to Personal Data
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement